1. Field
The present disclosure relates generally to aircraft and, in particular, to aircraft communications. Still more particularly, the present disclosure relates to a method and apparatus for assessing threats to aircraft communications.
2. Background
Currently, air traffic management (ATM) systems face challenges in meeting the demands of future aviation needs and requirements. Traffic is predicted to increase in at least volume, frequency, density, and complexity for both airborne and on-ground operations. At the same time, airspace stakeholders are expecting higher efficiency, flexibility, predictability, and increased safety.
Aircraft will rely on aircraft-to-ground and aircraft-to-aircraft communications enabled by the new automatic dependent surveillance-broadcast (ADS-B) technology to navigate in airspaces in the presence of uncertainties that emanate from both natural and malicious disruptions. Before wide-scale deployment of automatic dependent surveillance-broadcast technology, it would have been advantageous to identify and ensure that the impact of such disruptions can be addressed satisfactorily.
At present, however, a lack of understanding is present as to how automatic dependent surveillance-broadcast and its vulnerabilities can impact air traffic management systems and what undesirable conditions they can induce, thus impeding its beneficial applications. Although automatic dependent surveillance-broadcast is being deployed at airports and airspace systems, partly because of the lack of security assessments of vulnerabilities, the applications being considered are mostly focused on the automatic dependent surveillance-broadcast out mode. In the out mode, only the aircraft-to-ground communications enabled by automatic dependent surveillance-broadcast are used for air traffic management.
For example, the use of shared datalinks in automatic dependent surveillance-broadcast introduces opportunities for malicious exploitation of vulnerabilities in the air traffic management (ATM) system that must be assessed and mitigated. Undesirable conditions from natural disruptions in an automatic dependent surveillance-broadcast datalink can potentially cause the air traffic management system to degrade in accuracy and performance. The natural disruptions include, for example, weather and radio interference. The malicious disruptions include, for example, data corruption, spoofing, and wireless jamming.
Furthermore, while the effects of wireless jamming are well covered by a safety analysis and mitigated by gracefully degrading to a backup non-global navigation satellite system based surveillance, the risks from “intelligent” jamming, such as selective disruption of air traffic flows in the National Airspace System (NAS), also are concerns.
Therefore, it would be advantageous to have a method and apparatus that take into account at least some of the issues discussed above, as well as possibly other issues.